Page last updated on April 11, 2024
CLOROX CO /DE/ initially disclosed a cybersecurity incident in an SEC 8-K filing on 2023-08-14 17:29:29 EDT.
Incident Details
Material: Yes
Is Breach: Unknown
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)
Compromised Date:
Detected Date:
Disclosure Date: 2023-08-14
Contained Date: 2023-09-18
Recovered Date:
Attack Goal: Theft
Costs: No Costs Tracked (yet)
Filings
8-K filed on 2023-08-14
CLOROX CO /DE/ filed an 8-K at 2023-08-14 17:29:29 EDT
Accession Number: 0001206774-23-000969
Item 8.01 Other Events.
The Clorox Company (the “Company” or “Clorox”) has identified unauthorized activity on some of its Information Technology (IT) systems. After becoming aware of the activity, the Company began taking steps to stop and remediate the activity, including taking certain systems offline. The Company is working diligently to respond to and address this issue, and is also coordinating with law enforcement. To the extent possible, and in line with its business continuity plans, Clorox has implemented workarounds for certain offline operations in order to continue servicing its customers. However, the incident has caused, and is expected to continue to cause, disruption to parts of the Company’s business operations.
Clorox has engaged leading third-party cybersecurity experts to support its investigation and recovery efforts. The investigation to assess the nature and scope of the incident remains ongoing and is in its early stages.
8-K filed on 2023-09-18
CLOROX CO /DE/ filed an 8-K at 2023-09-18 06:11:26 EDT
Accession Number: 0001206774-23-001133
Item 8.01 Other Events.
On Aug. 14, 2023, The Clorox Company (the “Company” or “Clorox”) announced that it had identified unauthorized activity on some of its Information Technology (IT) systems and took immediate steps to stop and remediate the activity, including taking certain systems offline. The Company implemented its business continuity plans and began manual ordering and processing procedures shortly thereafter at a reduced rate of operations. The Company is operating at a lower rate of order processing and has recently begun to experience an elevated level of consumer product availability issues.
Based on the information available to date, the Company believes the unauthorized activity is contained due to the steps the Company has taken to address the incident.
The cybersecurity attack damaged portions of the Company’s IT infrastructure, which caused widescale disruption of Clorox’s operations. The Company is repairing the infrastructure and is reintegrating the systems that were proactively taken offline. The Company expects to begin the process of transitioning back to normal automated order processing the week of Sept. 25. Clorox has already resumed production at the vast majority of its manufacturing sites and expects the ramp up to full production to occur over time. At this time, the Company cannot estimate how long it will take to resume fully normalized operations.
Clorox is still evaluating the extent of the financial and business impact. Due to the order processing delays and elevated level of product outages, the Company now believes the impact will be material on Q1 financial results. It is premature for the Company to determine longer-term impact, including fiscal year outlook, given the ongoing recovery.
The Company will provide an update as to financial impact after it has increased visibility.
Related Articles
- 2023-11-15 - Clorox’s cyber chief leaves as recovery from cyberattack continues - Bloomberg News: Clorox’s CISO, Amy Bogac, has left the company.
Company Information
Name | CLOROX CO /DE/ |
CIK | 0000021076 |
SIC Description | Specialty Cleaning, Polishing and Sanitation Preparations |
Ticker | CLX - NYSE |
Website | |
Category | Large accelerated filer |
Fiscal Year End | June 29 |